JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.108

104.207.42.108 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.108

Whois 104.207.42.108

IP Abuse Reports for 104.207.42.108:

This IP address has been reported a total of 158 times from 21 distinct sources. 104.207.42.108 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-03-12 20:00:27 (3 months ago)	Form spam	Web Spam
🇫🇷 tilellit.pro	2026-02-01 21:32:00 (4 months ago)	Fail2Ban banned 104.207.42.108 for security violations in jail wp-armour. Log: 2026/02/01 21:32:00 [ ... show more Fail2Ban banned 104.207.42.108 for security violations in jail wp-armour. Log: 2026/02/01 21:32:00 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.42.108 \| Target: wplogin" , client: 104.207.42.108, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 myagent.site	2026-01-13 11:55:48 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇫🇷 dynamix	2026-01-01 06:54:55 (5 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mnsf	2025-12-27 15:05:23 (5 months ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇮🇹 VHosting	2025-12-25 22:40:10 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-24 01:28:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 20:28:28.334780 2025] [security2:error] [pid 6346:tid 6346] [client 104.207.42.108:21807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeongames.com"] [uri "/wp-config.php"] [unique_id "aUtBvC8sDLAV9V2kg4ry5QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-08 16:37:09 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 02:37:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:37:16.633182 2025] [security2:error] [pid 20708:tid 20708] [client 104.207.42.108:52319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fastpc.biz"] [uri "/.svn/wc.db"] [unique_id "aSZn3L9SLn2h50L0gIB9uQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:22:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:22:04.977831 2025] [security2:error] [pid 27095:tid 27095] [client 104.207.42.108:18959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.chitsey.com"] [uri "/.env"] [unique_id "aSZkTBAYeawRQFr-4h-LwQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:06:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:05:59.736456 2025] [security2:error] [pid 30037:tid 30037] [client 104.207.42.108:40275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.dsjostrom.com"] [uri "/.svn/wc.db"] [unique_id "aSZghzTiBoySdtyEozeBjQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:22:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:22:35.511170 2025] [security2:error] [pid 11995:tid 11995] [client 104.207.42.108:23467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.boatpeople.org"] [uri "/.git/HEAD"] [unique_id "aSU9Gxfb8SZOElm5-9omIgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:30:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:46.846163 2025] [security2:error] [pid 19635:tid 19635] [client 104.207.42.108:26993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.northwestarbor-culture.com"] [uri "/.svn/wc.db"] [unique_id "aSP7WjN1g7BZhaaVQ6kDwQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:12:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:12:33.272606 2025] [security2:error] [pid 15116:tid 15116] [client 104.207.42.108:33229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.yosalvationyo.org"] [uri "/.svn/wc.db"] [unique_id "aSPpQXoIYi9P0X9Ns_8HCwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 13:58:55 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 08:58:50.102185 2025] [security2:error] [pid 27359:tid 27359] [client 104.207.42.108:12803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.austli.com"] [uri "/.env"] [unique_id "aRiHGkpARsXohMBCJDo0qQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.74.147.57

🇬🇧 213.166.84.35

🇺🇸 192.185.4.177

🇨🇿 92.112.238.24

🇵🇱 85.221.154.244

🇩🇪 68.183.73.211

🇩🇪 45.135.193.193

🇭🇰 45.116.78.92

🇺🇸 216.180.246.124

🇵🇦 200.46.177.242

🇺🇸 170.187.147.114

🇺🇸 162.216.150.148

🇺🇸 162.216.149.225

🇫🇷 151.247.38.151

🇺🇸 146.190.112.200

🇺🇸 137.184.116.35

🇨🇳 113.125.165.132

🇫🇷 85.217.140.11

🇰🇿 37.150.179.197

🇷🇺 5.167.67.3